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CLAIMS 

1 LA method for a security manager device to manage a plurality of network 

2 security devices with a plurality of supervisor devices, each network security device generating 

3 network security information related to an associated group of network devices, storing the 

4 generated network security information on a primary supervisor device for the network security 

5 device when the primary supervisor device is available to store the generated network security 

6 information, and storing the generated network security information on an altemate supervisor 

7 device when the primary supervisor device is unavailable, the method comprising: 

8 distributing security control information to multiple network security devices, the 

9 security control information to be used to generate network security information, by 

10 determining a supervisor device that is the primary supervisor device for 

1 1 each of the multiple network security devices; 

12 sending a single copy of the security control information to the determined 

13 supervisor device; and 

14 indicating to the determined supervisor device to send a copy of the 

15 security control information to each of the multiple network security devices; and 

16 aggregating the network security information generated by an indicated one of the 

17 multiple network security devices using the security control information, by 

18 determining at least one altemate supervisor device that stores at least a 

19 portion of the network security information generated by the indicated network security device; 

20 notifying the primary supervisor device for the indicated network security 

21 device of a desire for the generated network security information, the notifying including an 

22 indication of the determined altemate supervisor devices; and 

23 in response, receiving the generated network security information, 

24 so that the manager device can efficiently distribute information to multiple network security 

25 devices, and can retrieve all of the generated network security information for a network security 
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26 device because alternate supervisor devices will store the information when the primary 

27 supervisor device for the network security device is unavailable. 

1 2. The method of claim 1 including generating network security information 

2 by, for each network security device: 

3 monitoring network information passing between any network device in the 

4 associated group for the network security device and any network device not in the associated 

5 group; and 

6 when the monitored network information is of an indicated type, 

7 determining whether the primary supervisor device for the network 

8 security device is available to receive information; 

9 when the primary supervisor device is available, sending network security 

10 information about the monitored network information to the primary supervisor device for 

11 storage; and 

12 when the primary supervisor device is not available, sending network 

13 security information about the monitored network information to an alternate supervisor device 

14 for storage. 

1 3. The method of claim 2 wherein for each network security device, a 

2 security policy for the network security device specifies the indicated types of monitored 

3 network information for which to generate network security information and specifies data 

4 related to the monitored network information to be included in the generated network security 

5 information. 
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1 4. The method of claim 1 wherein the distributed security control 

2 information is software to be executed by the multiple network security devices to control the 

3 generation of the network security information. 

1 5. The method of claim 1 wherein the distributed security control 

2 information is a security policy template that defines the network security information to be 

3 generated, and including: 

4 after a copy of the security policy template has been sent to each of the multiple 

5 network security devices, configuring each copy of the security poUcy template with information 

6 specific to the network security device to which the security policy template was sent. 

1 6. The method of claim 1 wherein after the notifying of the primary 

2 supervisor device, the primary supervisor device sends the generated network security 

3 information to the manager device by: 

4 retrieving fi-om each of the determined altemate supervisor devices the network 

5 security information generated by the indicated network security device; 

6 retrieving any network security information generated by the indicated network 

7 security device that is stored by the primary supervisor device; and 

8 sending the retrieved network security information to the manager device. 

1 7. The method of claim 1 including after the receiving of the generated 

2 network security information, aggregating the portions of the generated network security 

3 information stored by the determined altemate supervisor devices and any portion of the 

4 generated network security information stored by the primary supervisor device. 
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1 8. The method of claim 1 wherein infomiation is sent between the manager 

2 device and the supervisor devices and between the supervisor devices and the network security 

3 devices in a secure form so that others do not have access to contents of the information. 

1 9. The method of claim 1 including displaying to a user the plurality of 



2 network security devices and the plurality of supervisor devices in such a manner that the 

3 primary supervisor device for each of the network security devices is visually indicated, and 

4 wherein the distributing of the security control information to the multiple network security 

5 devices is in response to selection by the user of the displayed multiple network security devices. 

1 10. The method of claim 1 including displaying to a user the plurality of 

2 network security devices and the plurality of supervisor devices in such a manner that the 

3 primary supervisor device for each of the network security devices is visually indicated, and 

4 wherein the aggregating of the network security information generated by an indicated one of the 

5 multiple network security devices is in response to a visual indication by the user of the one 

6 multiple network security device. 



1 11. A method for collecting security information generated by a security 

2 device, the generated security information based on network information passing between other 

3 network devices, the generated security information stored on at least one host device distinct 

4 from the security device, the method comprising: 

5 receiving a request for the generated security information; 

6 determining the host devices on which at least portions of the generated security 

7 information are stored; and 

8 when there are multiple determined host devices, 
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9 for each of the multiple determined host devices, retrieving the portions of 

10 the generated security information that are stored on the host device; and 

1 1 aggregating the retrieved portions of the generated security information. 

1 12. The method of claim 11 including determining a host device that is a 



2 primary host device for the security device, and wherein the portions of the generated security 

3 information from each of the multiple determined host devices are retrieved from the primary 

4 host device after the primary host device collects the portions from the multiple determined host 

5 devices. 



1 13. The method of claim 11 including requesting from each of the multiple 

2 determined host devices the portions of the generated security information that are stored on the 

3 host device. 

1 14. The method of claim 1 1 wherein the aggregating of the retrieved portions 

2 of the generated security information includes sorting the aggregated security information 

3 chronologically. 

1 15. The method of claim 1 1 wherein the aggregating of the retrieved portions 

2 of the generated security information includes sorting the aggregated security information by 

3 type of security information. 



1 16. The method of claim 11 wherein the received request for the generated 

2 security information is from a user, and including displaying the aggregated security information 

3 to the user. 
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1 17. The method of claim 11 including detemiining a change needed in 

2 network information allowed to pass between the other network devices based on the aggregated 

3 security information. 

1 18. The method of claim 11 including displaying to a user a view including 

2 the security device and the host devices, and wherein the request for the generated security 

3 information involves a visual indication by the user of the security device. 

1 19. A method for collecting security information generated by a security 

2 device, the generated security information based on network information passing between other 

3 network devices, the generated security information stored on multiple host devices distinct from 

4 the security device, the method comprising: 

5 receiving a request from a manager device for the generated security information; 

6 receiving an indication of the multiple host devices which store portions of the 

7 generated security information; 

8 retrieving from each of the multiple host devices the stored portions of the 

9 generated security information; and 

10 sending to the manager device the retrieved portions of the generated security 

1 1 information, 

12 so that the manager device can aggregate the portions of the generated security information 

13 stored by the multiple host devices. 
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1 20. The method of claim 19 including: 

2 before sending to the manager device the retrieved portions of the generated 

3 security information, determining that the manager device is predefined as being authorized to 

4 receive the generated security information. 

1 21. The method of claim 1 9 including: 

2 receiving from the manager device access information; and 

3 before sending to the manager device the retrieved portions of the generated 

4 security information, determining that the access information authorizes a sender of the access 

5 information to receive the generated security information. 

1 22. The method of claim 19 including: 

2 before sending to the manager device the retrieved portions of the generated 

3 security information, formatting the retrieved portions in a manner accessible only to the 

4 manager device. 

1 23. The method of claim 19 wherein the indications of the multiple host 

2 devices which store portions of the generated security information is received from the manager 

3 device. 

1 24. The method of claim 19 including before receiving the indications of the 

2 multiple host devices which store portions of the generated security information, contacting the 

3 security device to determine the multiple host devices. 
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1 25. A method for storing security information generated by a security device 

2 in a distributed manner so as to ensure the security information is available, the security 

3 information based on network information passing between network devices, the method 

4 comprising: 

5 identifying whether a primary supervisor device for the security device is 

6 available to store received security information; 

7 when the primary supervisor device is available, storing the security information 

8 on the primary supervisor device; and 

9 when the primary supervisor device is not available, storing the security 

10 information on an alternate supervisor device, 

1 1 so that a manager device can retrieve all of the security information because alternate supervisor 

12 devices will store the information when the primary supervisor device is unavailable. 

1 26. The method of claim 25 including generating the security information by: 

2 retrieving a policy which indicates types of network information; 

3 monitoring the network information passing between the network devices; and 

4 when the monitored network information is of a type indicated by the policy, 

5 generating security information about the monitored network information. 

1 27. The method of claim 26 wherein the policy for the network security device 

2 indicates types of information to be included in the generated security information. 

1 28 . The method of claim 25 including: 

2 before storing the security information on a supervisor device, determining that 

3 the supervisor device is predefined as being authorized to receive the security information. 
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1 29. The method of claim 25 including: 

2 before storing the security infomiation on a supervisor device, formatting the 

3 security information in a manner accessible only to the supervisor device. 

1 30. The method of claim 25 wherein the method is performed by the security 

2 device, and including sending the security information to the supervisor device that will store the 

3 security information in a manner accessible only to the supervisor device. 

1 31. A method for distributing security policy implementation information to 

2 multiple security devices for use in implementing a security poHcy, the method comprising: 

3 for each of the security devices, determining a supervisor device currently 

4 associated with the security device; 

5 distributing the security pohcy implementation information to each of the 

6 determined supervisor devices; and 

7 indicating to each of the determined supervisor devices to distribute the security 

8 policy implementation information to the security devices with which the supervisor device is 

9 associated. 

1 32. The method of claim 31 wherein the security policy implementation 

2 information is software to be executed by the security devices to control the implementing of the 

3 security policy. 

1 33. The method of claim 31 wherein the security policy implementation 

2 information is a security policy template that indicates the security information to be generated. 
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1 34. The method of claim 33 including: 

2 after the security policy implementation information has been distributed to each 

3 of the security devices, configuring the security policy implementation information distinctly on 

4 each security device. 

1 35. The method of claim 31 wherein the security policy implementation 

2 information is an instruction to be executed by the multiple security devices related to the 

3 implementing of the security policy. 

1 36. The method of claim 31 wherein the security policy implementation 



2 information is information common to the muhiple security devices, and wherein for each of the 

3 multiple security devices the common information is for configuring a security policy template 

4 for the security device with information specific to the security device. 

1 37. The method of claim 31 wherein before the security policy 

2 implementation information is distributed to each of the multiple security devices, at least some 

3 of the multiple security devices have existing security poUcy implementation information of a 

4 similar type, and wherein for those security devices the security policy implementation 

5 information to be distributed will replace the existing security policy implementation 

6 information. 

1 38. The method of claim 31 wherein before the security policy 

2 implementation information is distributed to each of the multiple security devices, at least some 

3 of the multiple security devices have existing security policy implementation information of a 

4 similar type, and wherein for those security devices the security policy implementation 
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5 information to be distributed will supplement the existing security policy implementation 

6 information. 

1 39. The method of claim 31 wherein the distributing of the security policy 

2 implementation information to each of the determined supervisor devices is performed in a 

3 manner such that the security policy implementation information is not accessible to other 

4 devices. 



1 40. The method of claim 31 including displaying to a user a view of the 

2 multiple security devices and the supervisor devices currently associated with the security 

3 devices, and wherein the distributing of the security policy implementation information is in 

4 response to a visual selection by the user. 



1 41. A method for a supervisor device to distribute security policy 

2 implementation information to multiple security devices for use in implementing a security 

3 policy, the method comprising: 

4 receiving from a manager device a single copy of security policy implementation 

5 information to be distributed to multiple security devices; and 

6 for each of the multiple security devices, if the supervisor device is associated 

7 with the security device, distributing the security policy implementation information to the 

8 security device. 

1 42. The method of claim 41 wherein the security policy implementation 

2 information is software to be executed by the security devices to control the implementing of the 

3 security policy. 
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1 43, The method of claim 41 wherein the security policy implementation 

2 information is a security policy template that indicates the security information to be generated. 

1 44. The method of claim 43 including: 

2 after the security policy implementation information has been distributed to each 

3 of the security devices, configuring the security policy implementation information distinctly on 

4 each security device. 

1 45. The method of claim 43 including: 

2 before the security policy implementation information has been distributed to 

3 each of the security devices, for each security device configuring distinctly for that device a copy 

4 of the security policy implementation information that is to be distributed to that device. 

1 46. The method of claim 43 including: 

2 for each of the security devices, sending to the security device a control 

3 instruction indicating an action to be taken with the security policy implementation information 

4 by the security device. 

1 47. The method of claim 41 wherein the security poHcy implementation 

2 information is an instruction to be performed by the security devices related to the implementing 

3 of the security policy. 

1 48. The method of claim 41 wherein the supervisor device distributes the 

2 seciuity poUcy implementation information to a security device only when the supervisor device 

3 is associated with the security device as a primary supervisor device for the security device. 
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1 49. The method of claim 41 including when the supervisor device is not 

2 associated with one of the multiple security devices, distributing the security policy 

3 implementation information to another supervisor device to be distributed to the one security 

4 device. 

1 50. A method for distributing control information to multiple security devices 

2 for use in controlling the operation of the multiple security devices, the method comprising: 

3 for each of the security devices, determining a supervisor device currently 

4 associated with the security device; 

5 distributing the control information to each of the determined supervisor devices; 

6 and 

7 indicating to each of the determined supervisor devices to distribute the control 

8 information to the security devices with which the supervisor device is associated. 

1 51. The method of claim 50 wherein after the control information is 

2 distributed to the security devices, the security devices operate in accordance with the control 

3 information. 

1 52. A method for a security device to operate in accordance with security 

2 policy implementation information distributed from a manager device, the method comprising: 

3 receiving security policy implementation information to be used by the security 

4 device in implementing a security policy; and 

5 using the security policy implementation information to implement the security 

6 policy. 
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1 53, The method of claim 52 wherein the security poUcy implementation 

2 information is distributed to multiple security devices via a supervisor device associated with the 

3 multiple security devices. 

1 54. The method of claim 52 wherein the security policy implementation 

2 information is software to be executed by the security device to control the implementing of the 

3 security policy. 

1 55. The method of claim 52 wherein the security policy implementation 

2 information is a security policy template that indicates security information to be generated. 

1 56. The method of claim 55 including: 

2 after the security policy implementation information has been received, receiving 

3 from the manager device configuration information specific to the security device to customize 

4 the security policy template. 

1 57. The method of claim 52 wherein the security policy implementation 

2 information is an instruction to be taken by the security device related to the implementing of the 

3 security policy. 

1 58. The method of claim 52 including: 

2 before using the security policy implementation information to implement the 

3 security policy, determining that the manager device is predefined as being authorized to 

4 distribute the security policy implementation information. 
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1 59. The method of claim 52 including: 

2 receiving from the manager device access information; and 

3 before using the security poUcy implementation information to implement the 

4 security policy, determining that the access information authorizes a sender of the access 

5 information to distribute the security policy implementation information. 

1 60. A method for collecting security information generated by a security 

2 device, the generated security information based on network information passing between other 

3 network devices, the generated security information stored on at least one host device distinct 

4 from the security device, the method comprising: 

5 displaying to a user a view including the security device and the host devices; 

6 receiving from the user a visual indication of a security device from which to 

7 retrieve generated security information; 

8 determining the host devices on which at least portions of the generated security 

9 information are stored; 

10 retrieving the portions of the generated security information that are stored on the 

1 1 determined host devices; and 

12 aggregating the retrieved portions of the generated security information. 

1 61. The method of claim 60 including displaying to the user the aggregated 

2 generated security information. 

1 62. The method of claim 60 wherein the view of the security device and of the 

2 host devices includes a visual indication of a host device that is a primary host device for the 

3 security device. 
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1 63, The method of claim 60 wherein the view of the security device and of the 

2 host devices includes visual indications of the determined host devices. 

1 64. The method of claim 60 wherein a visual indication displayed in the view 

2 of a device performing the method is modified to indicate that the generated security information 

3 has been retrieved. 

1 65. A method for distributing security policy implementation information to 

2 multiple security devices for use in implementing a security poUcy, the method comprising: 

3 displaying to a user a view of the multiple security devices and of multiple 

4 supervisor devices; 

5 receiving from the user visual indications of multiple security devices to which 

6 the security policy implementation information is to be distributed; 

7 distributing the security policy implementation information to a supervisor device 

8 associated with each of the security devices; and 

9 indicating to the associated supervisor device to distribute the security policy 
10 implementation information to each of the security devices. 

1 66. The method of claim 65 including: 

2 displaying to the user multiple pieces of security policy implementation 

3 information; and 

4 determining the security policy implementation information to be distributed 

5 based on a visual indication by the user. 
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1 67. The method of claim 65 wherein the view of the security devices and of 

2 the supervisor devices includes a visual indication of a supervisor device that is a primary host 

3 device for the security device. 

1 68. The method of claim 65 wherein a visual indication for each of the 

2 multiple security devices is modified to indicate receipt by the security device of the security 

3 policy implementation information. 

1 69. A method for displaying security information generated by a security 

2 device, the generated security information based on network information passing between other 

3 network devices, portions of the generated security information stored on multiple host devices 

4 distinct from the security device, the method comprising: 

5 displaying to a user a view including the security device and the host devices; 

6 receiving from the user an indication of a security device from which to retrieve 

7 generated security information; and 

8 displaying to the user an aggregation of the portions of the generated security 

9 information retrieved from the multiple host devices. 

1 70. The method of claim 69 wherein the view of the security device and of the 

2 host devices includes visual indications of the multiple host devices. 

1 71. The method of claim 69 wherein a visual indication displayed in the view 

2 of a device performing the method is modified to indicate that the generated security information 

3 has been retrieved. 
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1 12. A method for distributing security policy implementation inforaiation to 

2 multiple security devices for use in implementing a security policy, the method comprising: 

3 displaying to a user a view of a manager device, the multiple security devices and 

4 of multiple supervisor devices; 

5 receiving from the user indications of multiple security devices to which the 

6 security policy implementation information is to be distributed; and 

7 displaying to the user an indication that the security policy implementation 



8 information is distributed to the multiple security devices, the distribution accomplished by the 

9 manager device sending the security pohcy implementation information to a supervisor device 

10 associated with each of the security devices and indicating to the associated supervisor device to 

1 1 distribute the security policy implementation information to each of the security devices. 



1 73. The method of claim 72 including: 

2 displaying to the user multiple pieces of security policy implementation 

3 information; and 

4 determining the security policy implementation information to be distributed 

5 based on a visual indication by the user. 

1 74. The method of claim 72 wherein the view of the security devices and of 

2 the supervisor devices includes a visual indication that the associated supervisor device 

3 distributes the security policy implementation information to each of the security devices. 

1 75. The method of claim 72 wherein a visual indication for each of the 

2 multiple security devices is modified to indicate receipt by the security device of the security 

3 policy implementation information. 
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1 76. The method of claim 72 wherein the multiple security devices to which the 

2 security policy implementation information is to be distributed are indicated from a selection by 

3 the user of the associated supervisor device. 

1 , 77. A computer-readable medium whose contents cause a manager device to 

2 collect security information generated by a security device, the generated security information 

3 based on network information passing between other network devices, the generated security 

4 information stored on at least one host device distinct from the security device, by: 

5 receiving a request for the generated security information; 

6 determining the host devices on which at least portions of the generated security 

7 information are stored; and 

8 when there are multiple determined host devices, 

9 for each of the multiple determined host devices, retrieving the portions of 

10 the generated security information that are stored on the host device; and 

1 1 aggregating the retrieved portions of the generated security information. 

1 78. The computer-readable medium of claim 77 wherein the contents further 

2 cause the manager device to determine a host device that is a primary host device for the security 

3 device, and wherein the portions of the generated security information for each of the multiple 

4 determined host devices are retrieved from the primary host device. 



1 79. The computer-readable medium of claim 77 wherein the aggregating of 

2 the retrieved portions of the generated security information includes sorting the aggregated 

3 security information chronologically. 
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1 80. The computer-readable medium of claim 77 wherein the received request 

2 for the generated security information is from a user, and wherein the contents further cause the 

3 manager device to display the aggregated security information to the user. 

1 81. The computer-readable medium of claim 77 wherein the contents further 



2 cause the manager device to display to a user a view including the security device and the host 

3 devices, and wherein the request for the generated security information involves a visual 

4 indication by the user of the security device. 



1 82. A computer-readable medium whose contents cause a manager device to 

2 distribute security policy implementation information to multiple security devices for use in 

3 implementing a security policy, by: 

4 for each of the security devices, determining a supervisor device currently 

5 associated with the security device; 

6 distributing the security policy implementation information to each of the 

7 determined supervisor devices; and 

8 indicating to each of the determined supervisor devices to distribute the security 

9 poHcy implementation information to the security devices with which the supervisor device is 
10 associated. 

1 83. The computer-readable medium of claim 82 wherein the security pohcy 

2 implementation information is software to be executed by the security devices to control the 

3 implementing of the security policy. 
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1 84. The computer-readable medium of claim 82 wherein the security policy 

2 implementation information is a security policy template that indicates the security information 

3 to be generated. 

1 85. The computer-readable medium of claim 84 wherein the contents further 



2 cause the manager device to, after the security policy implementation information has been 

3 distributed to each of the security devices, configure the security policy implementation 

4 information distinctly on each security device. 



1 86. The computer-readable medium of claim 82 wherein the security policy 

2 implementation information is an instruction to be executed by the multiple security devices 

3 related to the implementing of the security policy. 

1 87. The computer-readable medium of claim 82 wherein the contents further 



2 cause the manager device to display to a user a view of the multiple security devices and the 

3 supervisor devices currently associated with the security devices, and wherein the distributing of 

4 the security policy implementation information is in response to a visual selection by the user. 



1 88. A computer system for collecting security information generated by a 

2 security device, the generated security information based on network information passing 

3 between other network devices, the generated security information stored on at least one host 

4 device distinct from the security device, comprising: 

5 a user interface component that receives from a user a request for the generated 

6 security information; and 
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7 a security information retriever that determines the host devices on which at least 

8 portions of the generated security information are stored, and that when there are multiple 

9 determined host devices, for each of the multiple determined host devices, retrieves the portions 

10 of the generated security information that are stored on the host device and aggregates the 

1 1 retrieved portions of the generated security information. 

1 89. The computer system of claim 88 wherein the user interface component is 

2 capable of generating a graphical display of the aggregated security information. 

1 90. The computer system of claim 88 wherein the user interface component is 

2 capable of generating a graphical display including a hierarchical view of the security device and 

3 the host devices, and wherein the user interface component is further for receiving a visual 

4 indication of the security device indicating the request for the generated security information of 

5 the indicated security device. 



1 91. A computer system for distributing security policy implementation 

2 information to multiple security devices for use in implementing a security policy, comprising: 

3 a security device associator for determining for each of the security devices a 

4 supervisor device currently associated with the security device; and 

5 an information distributor for distributing the security policy implementation 

6 information to each of the determined supervisor devices, and for indicating to each of the 

7 determined supervisor devices to distribute the security policy implementation information to the 

8 security devices with which the supervisor device is associated. 
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1 92, The computer system of claim 91 wherein the security poHcy 

2 implementation information is software to be executed by the security devices to control the 

3 implementing of the security policy. 

1 93. The computer system of claim 91 wherein the security policy 

2 implementation information is a security policy template that indicates the security information 

3 to be generated. 

1 94. The computer system of claim 91 including a user interface component for 

2 displaying to a user a view of the multiple security devices and the supervisor devices currently 

3 associated with the security devices, and for receiving a visual selection by the user that controls 

4 the distributing of the security policy implementation information. 

1 95. A computer system for storing security information generated by a 

2 security device in a distributed manner so as to ensure the security information is available, the 

3 security information based on network information passing between network devices, 

4 comprising: 

5 a storage identifier for identifying whether a primary supervisor device for the 

6 security device is available to store received security information; and 

7 an information storer for storing the security information on the primary 

8 supervisor device if the primary supervisor device is available, and for storing the security 

9 information on an alternate supervisor device when the primary supervisor device is not 
10 available. 
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1 96. The computer system of claim 95 further comprising: 

2 a security information generator for retrieving a policy which indicates types of 

3 network information, for monitoring the network information passing between the network 

4 devices, and for generating security information about the monitored network information when 

5 the monitored network information is of a type indicated by the policy. 

1 97. The computer system of claim 95 further comprising: 

2 a security component for determining that a supervisor device is predefined as 

3 being authorized to receive the security information before storing the security information on 

4 the supervisor device. 

1 98. A computer system that implements a security pohcy in accordance with 

2 security policy implementation information distributed from a manager device, comprising: 

3 a security policy information receiver for receiving security policy 

4 implementation information to be used in implementing a security policy; and 

5 a security policy implementer for using the security policy implementation 

6 information to implement the secmity policy. 

1 99. The computer system of claim 98 wherein the security policy 

2 implementation information is software to be executed by the security device to control the 

3 implementing of the security policy. 



1 100. The computer system of claim 98 wherein the security policy 

2 implementation information is a security policy template that indicates security information to be 

3 generated. 
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1 101 . The computer system of claim 98 further comprising: 

2 a security component for determining that the manager device is predefined as 

3 being authorized to distribute the security policy implementation information before using the 

4 security policy implementation information to implement the security policy. 

1 102. A generated data signal transmitted via a data transmission medium from a 



2 manager device to a supervisor device, the data signal including a single copy of security policy 

3 implementation information to be distributed by the supervisor device to multiple security 

4 devices, the security poUcy implementation information for use by the supervisor devices in 

5 implementing a security policy, 

6 so that the manager device can efficiently distribute information to multiple security devices via 

7 a supervisor device. 



1 103. The data signal of claim 102 wherein the security policy implementation 

2 information is software to be executed by the security devices to control the implementing of the 

3 security policy. 

1 104. The data signal of claim 102 wherein the security policy implementation 

2 information is a security policy template that indicates the security information to be generated. 

1 105. The data signal of claim 102 including configuration information to be 

2 distributed by the supervisor device to at least one security device, the configuration information 

3 specific to the at least one security device, the configuration information for configuring 

4 distinctly for the at least one security device a copy of the security policy implementation 

5 information that is to be distributed to that device. 



